IronDome turns off-the-shelf servers into carrier-grade DDoS protection appliances — no black boxes, no BGP rerouting, no scrubbing center contracts. You assemble the hardware. We protect the network.
Deployed inline between the edge and the core — invisible to the network, relentless against attackers. Your topology doesn't change. Your customers don't know it's there. Neither do the attackers.
No per-device licensing. No cost per Gbps. You pay for the software once and run it on your own hardware — forever.
Purchase standard market servers following our recommended component list. No proprietary hardware required. No vendor lock-in. Any supplier, any configuration that meets the requirements — the choice is yours.
Boot the IronDome ISO from a USB drive. A guided wizard handles network configuration, connectivity and manager registration automatically. In under 15 minutes, the node is in production — no manual commands required.
IronDome automatically scales to the available hardware — no manual parameter tuning. Add nodes to the cluster whenever you need more capacity. The system discovers and integrates them on its own.
Built for ISPs and data centers. Every feature validated in real production environments.
Deployed between edge and core without changing your existing topology. The network doesn't perceive the appliance — only the result: attacks blocked before causing any impact.
Multiple nodes in a cluster with automatic failover and load distribution. Each new node joins automatically — no manual configuration on existing nodes, no downtime during expansion.
Complete visibility: node status, live traffic metrics, resource utilization, automatic alerts and protection rule editing — without touching the command line.
Define protection rules and limits specific to each service on your network. Multiple clients and services with custom policies coexist without interfering with each other.
Protection rules updated in production without restarting the filter. No maintenance windows for configuration changes. Updates applied instantly across all cluster nodes.
IronDome detects available hardware and tunes all parameters automatically. From an entry-level server to a high-density machine — no manual capacity configuration ever.
The IronDome Manager is the multi-client platform you use to manage all your deployments from a single place. Each client has an isolated environment with independent access and visibility.
Remote deployment, real-time monitoring, automatic alerts and version control — without accessing each server individually.
IronDome runs as a single inline appliance or distributed across an LACP bond between your switches and routers. Completely transparent. No topology changes.
A single IronDome appliance sits inline between the internet edge and your protected network. Simple, reliable and effective for smaller networks and ISPs starting with DDoS protection.
Multiple IronDome nodes distributed across the LACP bond between your switches or routers. Each node handles its share of the traffic. Total capacity scales linearly with each node added.
Standard market servers. No proprietary hardware. The same platform scales from entry-level ISP to carrier-grade operator.
Hardware listed is validated by our team — other compatible configurations may also work. These are reference builds, not mandatory purchases.
Automated ISO with a guided wizard. From cold server to active filter in under 15 minutes.
Flash the IronDome ISO to a USB drive and boot the server. A fullscreen wizard guides the entire initial setup — network interface, connectivity and manager registration.
The manager receives the new node notification and runs the full deployment automatically — installation, build and configuration. A real-time progress bar shows each stage on the server screen.
Open the web interface, identify WAN and LAN ports visually, and activate the filter. The system detects the hardware and adjusts all parameters automatically — no manual values needed.
We met in a graduate program at a university in the northeastern United States — three engineers from England, Germany, and the American Midwest, arguing about systems design over bad coffee at 2am.
What brought us together wasn't a project. It was a shared frustration: small ISPs being destroyed by DDoS attacks that nobody was solving at a price that made sense. The big scrubbing solutions cost more per month than some operators earned. For a regional ISP with twenty years of history and a community depending on it — there was simply nothing.
We built IronDome to fix that. Not a company, not a startup — just a solution. One that runs on hardware you can buy anywhere, that doesn't require BGP rerouting or a security team, and that's priced for the operator in rural Ohio as much as the carrier in London or Hamburg.
We've kept our names off it. We think the work should speak for itself.
Read the full story →
No scrubbing center contracts. No per-Gbps licensing. No black box.
You bring the hardware. IronDome does the rest — starting right now.